[Graphic credit: www.nhaky.in]
This developing story is worth watching. It was first reported on the provocative, but more than occasionally inaccurate, Debkafile [www.debkal.com], but now is emerging in the mainstream media, including this story at UPI. Debka, however, definitely had the scoop.
For some days now, Debkafile has reported that Iran, Pakistan, India and Indonesia have been under cyber attack from a regionally targeted computer worm, dubbed "Stuxnet," aimed at computerized industrial equipment. Reportedly the worm not only cripples the target computers, but also transmits back to its unknown source data on what the industrial equipment controlled by those computers was doing prior to the infestation by the worm. Among the apparent targets of the attack, reports say, are Iran's nuclear facilities, including the computers controlling the centrifuges used by Iran to enrich uranium to weapons-grade. The worm supposedly has crippled their operation.
"Canadian expert Eric Byres told the Monitor, Stuxnet so far has infected at least 45,000 industrial control systems around the world, without blowing them up, with most of the victim computers in Iran, Pakistan, India and Indonesia. Langner said once inside, Stuxnet waits, checking every five seconds to see if its exact parameters are met by the system -- then is programmed to activate a sequence that causes the industrial process to self-destruct."
"Until a few days ago, people did not believe a directed attack like this was possible," Ralph Langner, a German cyber-security researcher, told the Christian Science Monitor, the UPI story adds.
The other intriguing aspect of the story is that according to computer experts, including a spokesperson for the computer security firm Symantec, as reported by MaximumEdge.com news, no individual hacker or freelance group of hackers would be capable of launching such an attack without extraordinary access to funds, programming expertise and intelligence regarding the targeted sites. According to Symantec, a number of governments with sophisticated computer skills would have the ability to create such a code, including China, Russia, Israel, Britain, Germany and the United States. But the Symantec spokesperson said no clues have been found within the code to point to a country of origin.
While one may derive great satisfaction at the thought that the U.S., or Israel, or both, may have found a way to cripple the Iranian nuclear weapons program without a physical attack or any loss of life, the story has obvious ominous overtones. The age of international cyber warfare has begun. Moreover, just as aerial bombing was initially aimed at military targets, but quickly evolved into a tactic aimed at civilian populations as well, Stuxnet and the cyber weapons that follow pose a threat to civilian commercial, industrial and personal computers. One wonders, indeed, whether the source of the Stuxnet attack is able to contain it to only the targeted computers.
For their part, according to Debka, the Iranians are already threatening retaliatory attacks and a long-term cyber war. Revolutionary Guards deputy commander Hossein Salami declared his force had all the defensive structures for fighting a long-term war against "the biggest and most powerful enemies" and was ready to defend the revolution with more advanced weapons than in the past.
[Hat tip to Phil Schlosberg for calling this story to the attention of the Kosher Hedgehog.]
UPDATE: At PCWORLD, Tony Bradley reports that Iran has confirmed that more than 30,000 PCs in Iran have been infected by Stuxnet, including some at the Bushehr nuclear power plant. A Pentagon spokesperson would neither confirm, nor deny, reports that the United States military launched the cyber attack.